CVE-2020-7636

adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990000)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990000 advisory. In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fix BUG: sleeping function called from invalid context The via-macii ADB...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990217)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990217 advisory. In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fix BUG: sleeping function called from invalid context The via-macii ADB...

EUVD-2021-2441

Malware in sbrugna...

SUSE CVE-2024-38607

In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" The via-macii ADB driver calls requestirq after disabling hard interrupts. But disabling interrupts isn't necessary here because the VIA shift register...

UBUNTU-CVE-2024-38607

In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" The via-macii ADB driver calls requestirq after disabling hard interrupts. But disabling interrupts isn't necessary here because the VIA shift register...

CVE-2024-38607

CVE-2024-38607 corresponds to a Linux kernel issue: the via-macii ADB driver called request_irq() after disabling hard interrupts, which was unnecessary because the VIA shift register interrupt was masked during VIA1 initialization. The vulnerability is tied to the macintosh/via-macii driver and ...

CVE-2024-38607 macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"

In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" The via-macii ADB driver calls requestirq after disabling hard interrupts. But disabling interrupts isn't necessary here because the VIA shift register...

CVE-2024-38607 macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"

In the Linux kernel, the following vulnerability has been resolved: macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" The via-macii ADB driver calls requestirq after disabling hard interrupts. But disabling interrupts isn't necessary here because the VIA shift register...

@10yun/cv-mobile-ui (=0.3.20), @aiot-toolkit/aiotpack (>=2.0.5-beta.11 <=2.0.5-widget-provider-beta.2) +181 more potentially affected by CVE-2020-7636 via adb-driver (>=0.0.1 <=0.1.8)

adb-driver NPM version =0.0.1, =2.0.5-beta.11, =1.0.0, =1.0.0, =2.0.0-26820200330001, =2.0.0, =2.0.0-26920200420001, =0.1.0, =1.0.0, =1.9.3, =1.9.3, =0.4.0, =2.0.9-beta.1 and more Source cves: CVE-2020-7636 Source advisory: OSV:GHSA-4M6Q-RXHM-675W...

OS Command Injection in adb-driver

adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function...

CVE-2020-7636

adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function...

Command injection

adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function...

CVE-2020-7636

CVE-2020-7636 affects adb-driver up to version 0.1.8. The underlying issue is a Command Injection vulnerability in the command function, allowing an attacker to execute arbitrary commands. Several connected records corroborate the vulnerability in adb-driver, with public references noting the inj...

CVE-2020-7636

adb-driver through 0.1.8 is vulnerable to Command Injection.It allows execution of arbitrary commands via the command function...

@10yun/cv-mobile-ui (=0.3.20), @aiot-toolkit/aiotpack (>=2.0.5-beta.11 <=2.0.5-widget-provider-beta.2) +181 more potentially affected by CVE-2020-7636 via adb-driver (>=0.0.1 <=0.1.8)

adb-driver NPM version =0.0.1, =2.0.5-beta.11, =1.0.0, =1.0.0, =2.0.0-26820200330001, =2.0.0, =2.0.0-26920200420001, =0.1.0, =1.0.0, =1.9.3, =1.9.3, =0.4.0, =2.0.9-beta.1 and more Source cves: CVE-2020-7636 Source advisory: SNYK:JS-ADBDRIVER-564430...

Command Injection

Overview adb-driver is a Universal Android USB Driver. Affected versions of this package are vulnerable to Command Injection. The argument command can be controlled by users without any sanitization. PoC var root = require"adb-driver"; root.execADBCommand' & touch Song'; the injection point is...